Lucene search

[email protected]CVE-2009-0878

HistoryMar 12, 2009 - 3:20 p.m.

CVE-2009-0878

2009-03-1215:20:49

CWE-399

[email protected]

web.nvd.nist.gov

wesnoth

r32987

read_game_map

remote attack

denial of service

memory consumption

daemon hang

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.

Affected configurations

NVD

Node

wesnothwesnothRange≤1.4.7

wesnothwesnothMatch0.2.1

wesnothwesnothMatch0.3

wesnothwesnothMatch0.3.1

wesnothwesnothMatch0.3.2

wesnothwesnothMatch0.3.3

wesnothwesnothMatch0.3.4

wesnothwesnothMatch0.4

wesnothwesnothMatch0.4.1

wesnothwesnothMatch0.4.2

wesnothwesnothMatch0.4.3

wesnothwesnothMatch0.4.4

wesnothwesnothMatch0.4.5

wesnothwesnothMatch0.4.6

wesnothwesnothMatch0.4.7

wesnothwesnothMatch0.4.8

wesnothwesnothMatch0.5

wesnothwesnothMatch0.5.1

wesnothwesnothMatch0.6

wesnothwesnothMatch0.6.1

wesnothwesnothMatch0.6.99.1

wesnothwesnothMatch0.6.99.2

wesnothwesnothMatch0.6.99.3

wesnothwesnothMatch0.6.99.4

wesnothwesnothMatch0.6.99.5

wesnothwesnothMatch0.7

wesnothwesnothMatch0.7.1

wesnothwesnothMatch0.7.2

wesnothwesnothMatch0.7.3

wesnothwesnothMatch0.7.4

wesnothwesnothMatch0.7.5

wesnothwesnothMatch0.7.6

wesnothwesnothMatch0.7.7

wesnothwesnothMatch0.7.8

wesnothwesnothMatch0.7.9

wesnothwesnothMatch0.7.10

wesnothwesnothMatch0.7.11

wesnothwesnothMatch0.8

wesnothwesnothMatch0.8.1

wesnothwesnothMatch0.8.2

wesnothwesnothMatch0.8.3

wesnothwesnothMatch0.8.4

wesnothwesnothMatch0.8.5

wesnothwesnothMatch0.8.6

wesnothwesnothMatch0.8.7

wesnothwesnothMatch0.8.8

wesnothwesnothMatch0.8.9

wesnothwesnothMatch0.8.10

wesnothwesnothMatch0.8.11

wesnothwesnothMatch0.9.0

wesnothwesnothMatch0.9.1

wesnothwesnothMatch0.9.2

wesnothwesnothMatch0.9.3

wesnothwesnothMatch0.9.4

wesnothwesnothMatch0.9.5

wesnothwesnothMatch0.9.6

wesnothwesnothMatch0.9.7

wesnothwesnothMatch1.0rc

wesnothwesnothMatch1.0rcl

wesnothwesnothMatch1.1

wesnothwesnothMatch1.1.1

wesnothwesnothMatch1.1.2

wesnothwesnothMatch1.1.3

wesnothwesnothMatch1.1.4

wesnothwesnothMatch1.1.5

wesnothwesnothMatch1.1.6

wesnothwesnothMatch1.1.7

wesnothwesnothMatch1.1.8

wesnothwesnothMatch1.1.9

wesnothwesnothMatch1.1.10

wesnothwesnothMatch1.1.11

wesnothwesnothMatch1.1.12

wesnothwesnothMatch1.1.13

wesnothwesnothMatch1.1.14

wesnothwesnothMatch1.2

wesnothwesnothMatch1.2.1

wesnothwesnothMatch1.2.2

wesnothwesnothMatch1.2.3

wesnothwesnothMatch1.2.4

wesnothwesnothMatch1.2.5

wesnothwesnothMatch1.2.6

wesnothwesnothMatch1.2.7

wesnothwesnothMatch1.2.8

wesnothwesnothMatch1.3.1

wesnothwesnothMatch1.3.2

wesnothwesnothMatch1.3.3

wesnothwesnothMatch1.3.4

wesnothwesnothMatch1.3.5

wesnothwesnothMatch1.3.6

wesnothwesnothMatch1.3.7

wesnothwesnothMatch1.3.8

wesnothwesnothMatch1.3.9

wesnothwesnothMatch1.3.10

wesnothwesnothMatch1.3.11

wesnothwesnothMatch1.3.12

wesnothwesnothMatch1.3.13

wesnothwesnothMatch1.3.14

wesnothwesnothMatch1.3.15

wesnothwesnothMatch1.3.16

wesnothwesnothMatch1.3.17

wesnothwesnothMatch1.3.18

wesnothwesnothMatch1.3.19

wesnothwesnothMatch1.4

wesnothwesnothMatch1.4.1

wesnothwesnothMatch1.4.2

wesnothwesnothMatch1.4.3

wesnothwesnothMatch1.4.4

wesnothwesnothMatch1.4.5

wesnothwesnothMatch1.4.6

CPENameOperatorVersion
wesnoth:wesnothwesnothle1.4.7
wesnoth:wesnothwesnotheq0.2.1
wesnoth:wesnothwesnotheq0.3
wesnoth:wesnothwesnotheq0.3.1
wesnoth:wesnothwesnotheq0.3.2
wesnoth:wesnothwesnotheq0.3.3
wesnoth:wesnothwesnotheq0.3.4
wesnoth:wesnothwesnotheq0.4
wesnoth:wesnothwesnotheq0.4.1
wesnoth:wesnothwesnotheq0.4.2

CPE	Name	Operator	Version
wesnoth:wesnoth	wesnoth	le	1.4.7
wesnoth:wesnoth	wesnoth	eq	0.2.1
wesnoth:wesnoth	wesnoth	eq	0.3
wesnoth:wesnoth	wesnoth	eq	0.3.1
wesnoth:wesnoth	wesnoth	eq	0.3.2
wesnoth:wesnoth	wesnoth	eq	0.3.3
wesnoth:wesnoth	wesnoth	eq	0.3.4
wesnoth:wesnoth	wesnoth	eq	0.4
wesnoth:wesnoth	wesnoth	eq	0.4.1
wesnoth:wesnoth	wesnoth	eq	0.4.2

Rows per page:

1-10 of 1091

References

launchpad.net/bugs/335089

launchpad.net/bugs/336396

packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog

packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog

svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?r2=32987&rev=32987&r1=31859&dir_pagestart=200

svn.gna.org/viewcvs/wesnoth/trunk/src/terrain_translation.cpp?rev=33078&dir_pagestart=200&view=log

exchange.xforce.ibmcloud.com/vulnerabilities/49294

gna.org/bugs/index.php?13031

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2009-0878

cvelist1 nvd1 prion1 ubuntucve1 openvas1